If you or your co-workers use any of the passwords listed below, you are asking to be hacked. According to a report from the consulting firm Imperva, this list reflects an analysis of some 32 million passwords that an unknown hacker stole in December 2009 from RockYou, a company that makes software for users of social networking sites. Somewhat shockingly, the password “123456” was used by nearly 1% of all RockYou users; the “top 20” RockYou passwords are reproduced below:
- 123456
- 12345
- 123456789
- Password
- iloveyou
- princess
- rockyou
- 1234567
- 12345678
- abc123
- Nicole
- Daniel
- babygirl
- monkey
- Jessica
- Lovely
- michael
- Ashley
- 654321
- Qwerty
Hackers around the world now have this list of 32 million passwords and are using it to mount brute-force attacks on accounts and networks. How can you defend yourself? Change and toughen your passwords, lengthening them and adding a mix of letters and numbers. If you are trying to defend your company’s network, you need to adopt and enforce more rigorous password policies. Tougher passwords will not make you or your networks hack-proof, but they will put you ahead of the thousands of people who still use “123456.”
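One way to enforce that advice when a password is set, as an added example (not from the original post or the Imperva report): a screening function that rejects the 20 passwords listed above, the same passwords with digits or symbols tacked on, and passwords that are short or lack a mix of letters and numbers. The 12-character minimum, the suffix rule and the function and constant names are assumptions made for illustration.

```python
import unicodedata

# The 20 passwords listed on this page, folded to lower case for matching.
ROCKYOU_TOP20 = frozenset(p.casefold() for p in (
    "123456", "12345", "123456789", "Password", "iloveyou", "princess",
    "rockyou", "1234567", "12345678", "abc123", "Nicole", "Daniel",
    "babygirl", "monkey", "Jessica", "Lovely", "michael", "Ashley",
    "654321", "Qwerty",
))

MIN_LENGTH = 12  # assumption: the post says "lengthen" but gives no number
SUFFIX_CHARS = "0123456789!@#$%^&*.?_-"

LISTED = "on the RockYou top-20 list"
VARIANT = "listed password with digits or symbols appended"
TOO_SHORT = f"shorter than {MIN_LENGTH} characters"
NO_MIX = "needs both letters and numbers"


def check_password(password: str) -> list[str]:
    """Return the policy violations for a candidate password ([] = accept)."""
    problems = []
    # Fold case and Unicode forms so "QWERTY" and "Qwerty" match the same entry.
    norm = unicodedata.normalize("NFKC", password).casefold()
    core = norm.rstrip(SUFFIX_CHARS)
    if norm in ROCKYOU_TOP20:
        problems.append(LISTED)
    elif core in ROCKYOU_TOP20:
        # e.g. "Password2010!" passes length and mix rules but is still a guess
        problems.append(VARIANT)
    if len(password) < MIN_LENGTH:
        problems.append(TOO_SHORT)
    has_letter = any(c.isalpha() for c in password)
    has_digit = any(c.isdigit() for c in password)
    if not (has_letter and has_digit):
        problems.append(NO_MIX)
    return problems


if __name__ == "__main__":
    # Constructed sample inputs, not taken from the breach data.
    for candidate in ("123456", "QWERTY", "Password2010!", "correct7horse9battery"):
        print(f"{candidate!r}: {check_password(candidate) or 'accepted'}")
```

In production the same check would run against a much larger list of breached passwords than the 20 shown here.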